-
-
Notifications
You must be signed in to change notification settings - Fork 22
Expand file tree
/
Copy path.pre-commit-config.yaml
More file actions
53 lines (50 loc) · 1.8 KB
/
.pre-commit-config.yaml
File metadata and controls
53 lines (50 loc) · 1.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
repos:
- repo: 'https://github.com/adrienverge/yamllint'
rev: 'v1.38.0'
hooks:
- id: 'yamllint'
args: ['-c=.yamllint.yml']
files: '\.(yaml|yml)$'
types: ['file', 'yaml']
entry: 'yamllint'
- repo: 'https://github.com/pre-commit/pre-commit-hooks'
rev: 'v6.0.0'
hooks:
- id: 'check-added-large-files'
- id: 'check-ast'
- id: 'fix-byte-order-marker'
- id: 'check-case-conflict'
- id: 'check-executables-have-shebangs'
- id: 'check-json'
- id: 'check-merge-conflict'
- id: 'check-yaml'
args: ['--unsafe']
- id: 'debug-statements'
- id: 'detect-private-key'
# gpg_key returns ASCII-armored exports; the RETURN sample contains
# the literal PGP private key block header for documentation, which
# the hook regex-matches as if it were a real key.
exclude: '^plugins/modules/gpg_key\.py$'
- id: 'end-of-file-fixer'
- id: 'mixed-line-ending'
- id: 'trailing-whitespace'
- repo: 'https://github.com/PyCQA/bandit'
rev: '1.9.4'
hooks:
- id: 'bandit'
args:
- '--severity-level=low'
- '--confidence-level=low'
- '--skip=B110,B112,B311' # graceful-degradation patterns, non-crypto randomness
# `plugins/modules/ipa*.py` is vendored ansible-freeipa code; bandit
# false-positives on the project's own code style (`shell=dict(...)`
# in argument_spec triggers B604, the literal `'on_create'` sentinel
# triggers B105). Out of scope for in-tree review.
exclude: '^plugins/modules/ipa.*\.py$'
types_or: ['python']
- repo: 'https://github.com/jendrikseipp/vulture'
rev: 'v2.16'
hooks:
- id: 'vulture'
args: ['--min-confidence=80']
types_or: ['python']